System and method for globally and securely accessing unified information in a computer network

ABSTRACT

A client stores a first set of workspace data, and is coupled via a computer network to a global server. The client may be configured to synchronize portions of the first set of workspace data with the global server, which stores independently modifiable copies of the portions. The global server may also store workspace data which is not downloaded from the client, and thus stores a second set of workspace data. The global server may be configured to identify and authenticate a user seeking global server access from a remote terminal, and is configured to provide access to the first set or to the second set. Further, services may be stored anywhere in the computer network. The global server may be configured to provide the user with access to the services. The system may further include a synchronization-start module at the client site (which may be protected by a firewall) that initiates interconnection and synchronization with the global server when predetermined criteria have been satisfied.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to and incorporates by reference parentapplication U.S. patent application Ser. No. 08/903,118, entitled“System And Method For Globally And Securely Accessing UnifiedInformation In A Computer Network” of Daniel J. Mendez, Mark D. Riggins,Prasad Wagle, Hong Q. Bui, Mason Ng, Sean Michael Quinlan, Christine C.Ying, Christopher R. Zuleeg, David J. Cowan, Joanna A. Aptekar-Stroberand R. Stanley Bailes, which is a continuation-in-part of co-pendingpatent application entitled “System and Method for Globally AccessingComputer Services,” Ser. No. 08/766,307, filed on Dec. 13, 1996, byinventors Mark D. Riggins, R. Stanley Bailes, Hong Q. Bui, David J.Cowan, Daniel J. Mendez, Mason Ng, Sean Michael Quinlan, Prasad Wagle,Christine C. Ying, Christopher R. Zuleeg and Joanna A. Aptekar-Strober;and of co-pending patent application entitled “System and Method forEnabling Secure Access to Services in a Computer Network,” Ser. No.08/841,950, filed on Apr. 8, 1997, by inventor Mark Riggins; and ofco-pending patent application entitled “System and Method for SecurelySynchronizing Multiple Copies of a Workspace Element in a Network,” Ser.No. 08/835,997, filed on Apr. 11, 1997, by inventors Daniel J. Mendez,Mark D. Riggins, Prasad Wagle and Christine C. Ying; and of co-pendingpatent application entitled “System and Method for Using a GlobalTranslator to Synchronize Workspace Elements Across a Network,” Ser. No.08/865,075, filed on May 29, 1997, by inventors Daniel J. Mendez, MarkD. Riggins, Prasad Wagle and Christine C. Ying. These applications havebeen commonly assigned to RoamPage, Inc. and are incorporated herein byreference as if copied verbatim hereafter. Benefit of the earlier filingdates is claimed on all common subject matter.

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates generally to computer networks, and moreparticularly provides a system and method for globally and securelyaccessing unified information in a computer network.

2. Description of the Background Art

The internet currently interconnects about 100,000 computer networks andseveral million computers. Each of these computers stores numerousapplication programs for providing numerous services, such asgenerating, sending and receiving e-mail, accessing World Wide Websites, generating and receiving facsimile documents, storing andretrieving data, etc.

A roaming user, i.e., a user who travels and accesses a workstationremotely, is faced with several problems. Program designers havedeveloped communication techniques for enabling the roaming user toestablish a communications link and to download needed information andneeded service application programs from the remote workstation to alocal computer. Using these techniques, the roaming user can manipulatethe data on the remote workstation and, when finished, can upload themanipulated data back from the remote workstation to the local computer.However, slow computers and slow communication channels make downloadinglarge files and programs a time-consuming process. Further, downloadingfiles and programs across insecure channels severely threatens theintegrity and confidentiality of the downloaded data.

Data consistency is also a significant concern for the roaming user. Forexample, when maintaining multiple independently modifiable copies of adocument, a user risks using an outdated version. By the time the usernotices an inconsistency, interparty miscommunication or data loss mayhave already resulted. The user must then spend more time attempting toreconcile the inconsistent versions and addressing anymiscommunications.

The problem of data inconsistency is exacerbated when multiple copies ofa document are maintained at different network locations. For example,due to network security systems such as conventional firewalltechnology, a user may have access only to a particular one of thesenetwork locations. Without access to the other sites, the user cannotconfirm that the version on the accessible site is the most recentdraft.

Data consistency problems may also arise when using application programsfrom different vendors. For example, the Netscape Navigatorm web engineand the Internet Explorerm web engine each store bookmarks for quickreference to interesting web sites. However, since each web engine usesdifferent formats and stores bookmarks in different files, the bookmarksare not interchangeable. In addition, one web engine may store a neededbookmark, and the other may not. A user who, for example, runs theInternet Explorer™ web engine at home and runs the Netscape Navigator™web engine at work risks having inconsistent bookmarks at each location.

Therefore, a system and method are needed to enable multiple users toaccess computer services remotely without consuming excessive user time,without severely threatening the integrity and confidentiality of thedata, and without compromising data consistency.

SUMMARY OF THE INVENTION

The present invention provides a system and methods for providing globaland secure access to services and to unified (synchronized) workspaceelements in a computer network. A user can gain access to a globalserver using any terminal, which is connected via a computer networksuch as the Internet to the global server and which is enabled with aweb engine.

A client stores a first set of workspace data, and is coupled via acomputer network to a global server. The client is configured tosynchronize selected portions of the first set of workspace data(comprising workspace elements) with the global server, which storesindependently modifiable copies of the selected portions. The globalserver may also store workspace data not received from the client, suchas e-mail sent directly to the global server. Accordingly, the globalserver stores a second set of workspace data. The global server isconfigured to identify and authenticate a user attempting to access itfrom a remote terminal, and is configured to provide access based on theclient configuration either to the first set of workspace data stored onthe client or to the second set of workspace data stored on the globalserver. It will be appreciated that the global server can managemultiple clients and can synchronize workspace data between clients.

Service engines for managing services such as e-mail management,accessing bookmarks, calendaring, network access, etc. may be storedanywhere in the computer network, including on the client, on the globalserver or on any other computer. The global server is configured toprovide the user with access to services, which based on level ofauthentication management or user preferences may include only a subsetof available services. Upon receiving a service request from the client,the global server sends configuration information to enable access tothe service.

Each client includes a base system and the global server includes asynchronization agent. The base system and synchronization agentautomatically establish a secure connection therebetween and synchronizethe selected portions of the first set of workspace data stored on theclient and the second set of workspace data stored on the global server.The base system operates on the client and examines the selectedportions to determine whether any workspace elements have been modifiedsince last synchronization. The synchronization agent operates on theglobal server and informs the base system whether any of the workspaceelements in the second set have been modified. Modified version may thenbe exchanged so that an updated set of workspace elements may be storedat both locations, and so that the remote user can access an updateddatabase. If a conflict exists between two versions, the base systemthen performs a responsive action such as examining content andgenerating a preferred version, which may be stored at both locations.The system may further include a synchronization-start module at theclient site (which may be protected by a firewall) that initiatesinterconnection and synchronization when predetermined criteria havebeen satisfied.

A method of the present invention includes establishing a communicationslink between the client and the global server. The method includesestablishing a communications link between the client and a servicebased upon user requests. The method receives configuration data anduses the configuration data to configure the client components such asthe operating system, the web engine and other components. Configuringclient components enables the client to communicate with the service andprovides a user-and-service-specific user interface on the client.Establishing a communications link may also include confirming accessprivileges.

Another method uses a global translator to synchronize workspaceelements. The method includes the steps of selecting workspace elementsfor synchronization, establishing a communications link between a clientand a global server, examining version information for each of theworkspace elements on the client and on the global server to determineworkspace elements which have been modified since last synchronization.The method continues by comparing the corresponding versions andperforming a responsive action. Responsive actions may include storingthe preferred version at both stores or reconciling the versions usingcontent-based analysis.

The system and methods of the present invention advantageously provide asecure globally accessible third party, i.e. the global server. Thesystem and methods provide a secure technique for enabling a user toaccess the global server and thus workspace data remotely and securely.Because of the global firewall and the identification and securityservices performed by the global server, corporations can storerelatively secret information on the global server for use by authorizedclients. Yet, the present invention also enables corporations tomaintain only a portion of their secret information on the globalserver, so that there would be only limited loss should the globalserver be compromised. Further, the global server may advantageously actas a client proxy for controlling access to services, logging use ofkeys and logging access of resources.

A client user who maintains a work site, a home site, an off-site andthe global server site can securely synchronize the workspace data orportions thereof among all four sites. Further, the predeterminedcriteria (which control when the synchronization-start module initiatessynchronization) may be set so that the general synchronization modulesynchronizes the workspace data upon user request, at predeterminedtimes during the day such as while the user is commuting, or after apredetermined user action such as user log-off or user log-on. Becausethe system and method operate over the Internet, the system isaccessible using any connected terminal having a web engine such as aninternet-enabled smart phone, television settop (e.g., web TV), etc. andis accessible over any distance. Since the system and method includeformat translation, merging of workspace elements between differentapplication programs and different platforms is possible. Further,because synchronization is initiated from within the firewall, thetypical firewall, which prevents in-bound communications and only someprotocols of out-bound communications, does not act as an impediment toworkspace element synchronization.

Further, a roaming user may be enabled to access workspace data from theglobal server or may be enabled to access a service for accessingworkspace data from a client. For example, a user may prefer not tostore personal information on the global server but may prefer to haveremote access to the information. Further, the user may prefer to storehighly confidential workspace elements on the client at work as addedsecurity should the global server be compromised.

The present invention may further benefit the roaming user who needsemergency access to information. The roaming user may request aManagement Information Systems (MIS) director controlling the client toprovide the global server with the proper keys to enable access to theinformation on the client. If only temporary access is desired, the keyscan then be later destroyed either automatically or upon request.Alternatively, the MIS director may select the needed information asworkspace elements to be synchronized and may request immediatesynchronization with the global server. Accordingly, the global serverand the client can synchronize the needed information, and the user canaccess the information from the global server after it has completedsynchronization.

The present invention also enables the system and methods to synchronizekeys, available services and corresponding service addresses to updateaccessibility of workspace data and services. For example, if the userof a client accesses a site on the Internet which requires a digitalcertificate and the user obtains the certificate, the system and methodsof the present invention may synchronize this newly obtained certificatewith the keys stored on the global server. Thus, the user need notcontact the global server to provide it with the information. Thesynchronization means will synchronize the information automatically.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a secure data-synchronizingremotely accessible network in accordance with the present invention;

FIG. 2 is a block diagram illustrating details of a FIG. 1 remoteterminal;

FIG. 3 is a block diagram illustrating details of a FIG. 1 globalserver;

FIG. 4 is a block diagram illustrating details of a FIG. 1synchronization agent;

FIG. 5 is a graphical representation of an example bookmark in globalformat;

FIG. 6 is a graphical representation of the FIG. 3 configuration data;

FIG. 7 is a block diagram illustrating the details of a FIG. 1 client;

FIG. 8 is a block diagram illustrating the details of a FIG. 1 basesystem;

FIG. 9 illustrates an example services list;

FIG. 10 is a flowchart illustrating a method for remotely accessing asecure server;

FIG. 11 is a flowchart illustrating details of the FIG. 10 step ofcreating a link between a client and global server;

FIG. 12 is a flowchart illustrating details of the FIG. 10 step ofproviding access to a service in a first embodiment;

FIG. 13 is a flowchart illustrating details of the FIG. 10 step ofproviding access to a service in a second embodiment,

FIG. 14 is a flowchart illustrating details of the FIG. 10 step ofproviding access to a service in a third embodiment; and

FIG. 15 is a flowchart illustrating a method for synchronizing multiplecopies of a workspace element over a secure network.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

FIG. 1 is a block diagram illustrating a network 100, comprising a firstsite such as a remote computer terminal 105 coupled via a communicationschannel 110 to a global server 115. The global server 115 is in turncoupled via a communications channel 120 to a second site such as aLocal Area Network (LAN) 125 and via a communications channel 122 to athird site such as client 167. Communications channel 110,communications channel 120 and communications channel 122 may bereferred to as components of a computer network such as the Internet.The global server 115 is protected by a global firewall 130, and the LAN125 is protected by a LAN firewall 135.

The LAN 125 comprises a client 165, which includes a base system 170 forsynchronizing workspace data 180 (e-mail data, file data, calendar data,user data, etc.) with the global server 115 and may include a serviceengine 175 for providing computer services such as scheduling, e-mail,paging, word-processing or the like. Those skilled in the art willrecognize that workspace data 180 may include other types of data suchas application programs. It will be further appreciated that workspacedata 180 may each be divided into workspace elements, wherein eachworkspace element may be identified by particular version information782 (FIG. 7). For example, each e-mail, file, calendar, etc. may bereferred to as “a workspace element in workspace data.” For simplicity,each workspace element on the client 165 is referred to herein as beingstored in format A. It will be further appreciated that the workspacedata 180 or portions thereof may be stored at different locations suchas locally on the client 165, on other systems in the LAN 125 or onother systems (not shown) connected to the global server 115.

The client 167 is similar to the client 165. However, workspace datastored on the client 167 is referred to as being stored in format B,which may be the same as or different than format A. All aspectsdescribed above and below with reference to the client 165 are alsopossible with respect to the client 167. For example, client 167 mayinclude services (not shown) accessible from remote terminal 105, mayinclude a base system (not shown) for synchronizing workspace elementswith the global server 115, etc.

The global server 115 includes a security system 160 for providing onlyan authorized user with secure access through firewalls to services. Thesecurity system 160 may perform identification and authenticationservices and may accordingly enable multiple levels of access based onthe level of identification and authentication. The global server 115further includes a configuration system 155 that downloads configurationdata 356 (FIGS. 3 and 6) to the remote terminal 105 to configure remoteterminal 105 components such as the operating system 270 (FIG. 2), theweb engine 283 (FIG. 2), the applet engine 290 (FIG. 2), etc. Theconfiguration system 155 uses the configuration data 356 to enable theremote terminal 105 to access the services provided by the serviceengine 175 and to provide a user-and-service-specific user interface.

The global server 115 stores workspace data 163, which includes anindependently modifiable copy of each selected workspace element in theselected portions of the workspace data 180. Accordingly, the workspacedata 163 includes an independently modifiable copy of each correspondingversion information 782 (FIG. 7). The workspace data 163 may alsoinclude workspace elements which originate on the global server 115 suchas e-mails sent directly to the global server 115 or workspace elementswhich are downloaded from another client (not shown). The global server115 maintains the workspace data 163 in a format, referred to as a“global format,” which is selected to be easily translatable by theglobal translator 150 to and from format A and to and from format B. Aswith format A and format B, one skilled in the art knows that the globalformat actually includes a global format for each information type. Forexample, there may be a global format for bookmarks (FIG. 5), a globalformat for files, a global format for calendar data, a global format fore-mails, etc.

The global server 115 also includes a synchronization agent 145 forexamining the workspace elements of workspace data 163. Moreparticularly, the base system 170 and the synchronization agent 145,collectively referred to herein as “synchronization means,” cooperate tosynchronize the workspace data 163 with the selected portions of theworkspace data 180. The synchronization means may individuallysynchronize workspace elements (e.g., specific word processor documents)or may synchronize workspace element folders (e.g., a bookmark folder).Generally, the base system 170 manages the selected portions of theworkspace data 180 within the LAN 125 and the synchronization agent 145manages the selected portions of workspace data 163 within the globalserver 115. It will be appreciated that the global translator 150cooperates with the synchronization means to translate between format A(or format B) and the global format. It will be further appreciated thatthe global server 115 may synchronize the workspace data 163 withworkspace data 180 and with the workspace data (not shown) on the client167. Accordingly, the workspace data 163 can be easily synchronized withthe workspace data (not shown) on the client 167.

The remote terminal 105 includes a web engine 140, which sends requeststo the global server 115 and receives information to display from theglobal server 115. The web engine 140 may use HyperText TransferProtocol (HTTP) and HyperText Markup Language (HTML) to interface withthe global server 115. The web engine 140 may be enabled to run applets,which when executed operate as the security interface for providingaccess to the global server 115 and which operate as the applicationinterface with the requested service. Using the present invention, auser can operate any remote client 105 connected to the Internet toaccess the global server 115, and thus to access the services and theworkspace data on or accessible by the global server 115.

FIG. 2 is a block diagram illustrating details of the remote terminal105, which includes a Central Processing Unit (CPU) 210 such as aMotorola Power PC™ microprocessor or an Intel Pentium™ microprocessor.An input device 220 such as a keyboard and mouse, and an output device230 such as a Cathode Ray Tube (CRT) display are coupled via a signalbus 235 to CPU 210. A communications interface 240, a data storagedevice 250 such as Read Only Memory (ROM) and a magnetic disk, and aRandom-Access Memory (RAM) 260 are further coupled via signal bus 235 toCPU 210. The communications interface 240 is coupled to a communicationschannel 110 as shown in FIG. 1.

An operating system 270 includes a program for controlling processing byCPU 210, and is typically stored in data storage device 250 and loadedinto RAM 260 (as shown) for execution. Operating system 270 furtherincludes a communications engine 275 for generating and transferringmessage packets via the communications interface 240 to and from thecommunications channel 110. Operating system 270 further includes anOperating System (OS) configuration module 278, which configures theoperating system 270 based on OS configuration data 356 (FIG. 3) such asTransmission Control Protocol (TCP) data, Domain Name Server (DNS)addresses, etc. received from the global server 115.

Operating system 270 further includes the web engine 140 forcommunicating with the global-server 115. The web engine 140 may includea web engine (WE) configuration module 286 for configuring elements ofthe webengine 140 such as home page addresses, bookmarks, caching data,user preferences, etc. based on the configuration data 356 received fromthe global server 115. The web engine 140 may also include an encryptionengine 283 for using encryption techniques to communicate with theglobal server 115. The web engine 140 further may include an appletengine 290 for handling the execution of downloaded applets includingapplets for providing security. The applet engine 290 may include anApplet Engine (AE) configuration module 295 for configuring the elementsof the applet engine 290 based on configuration data 356 received fromthe global server 115.

FIG. 3 is a block diagram illustrating details of the global server 115,which includes a Central Processing Unit (CPU) 310 such as a MotorolaPower PC™ microprocessor or an Intel Pentium™ microprocessor. An inputdevice 320 such as a keyboard and mouse, and an output device 330 suchas a Cathode Ray Tube (CRT) display are coupled via a signal bus 335 toCPU 310. A communications interface 340, a data storage device 350 suchas Read Only Memory (ROM) and a magnetic disk, and a Random-AccessMemory (RAM) 370 are further coupled via signal bus 335 to CPU 310. Asshown in FIG. 1, the communications interface 340 is coupled to thecommunication: channel 110 and to the communications channel 120.

An operating system 380 includes a program for controlling processing byCPU 310, and is typically stored in data storage device 350 and loadedinto RAM 370 (as illustrated) for execution. The operating system 380further includes a communications engine 382 for generating andtransferring message packets via the communications interface 340 to andfrom the communications channel 345. The operating system 380 alsoincludes a web page engine 398 for transmitting web page data 368 to theremote terminal 105, so that the remote terminal 105 can display a webpage 900 (FIG. 9) listing functionality offered by the global server115. Other web page data 368 may include information for displayingsecurity method selections.

The operating system 380 may include an applet host engine 395 fortransmitting applets to the remote terminal 105. A configuration engine389 operates in conjunction with the applet host engine 395 fortransmitting configuration applets 359 and configuration and user data356 to the remote terminal 105. The remote terminal 105 executes theconfiguration applets 359 and uses the configuration and user data 356to configure the elements (e.g., the operating system 270, the webengine 140 and the applet engine 290) of the remote terminal 105.Configuration and user data 356 is described in greater detail withreference to FIG. 6.

The operating system 380 also includes the synchronization agent 145described with reference to FIG. 1. The synchronization agent 145synchronizes the workspace data 163 on the global server 115 with theworkspace data 180 on the client 165. As stated above with reference toFIG. 1, the global translator 150 translates between format A used bythe client 165 and the global format used by the global server 115.

The operating system 380 may also includes a security engine 392 fordetermining whether to instruct a communications engine 382 to create asecure communications link with a client 165 or terminal 105, and fordetermining the access rights of the user. For example, the securityengine 392 forwards to the client 165 or remote terminal 105 securityapplets 362, which when executed by the receiver poll the user andrespond back to the global server 115. The global server 115 can examinethe response to identify and authenticate the user.

For example when a client 165 attempts to access the global server 115the security engine 384 determines whether the global server 115 acceptsin-bound communications from a particular port. If so, the securityengine 392 allows the communications engine 382 to open a communicationschannel 345 to the client 165. Otherwise, no channel will be opened.After a channel is opened, the security engine 392 forwards anauthentication security applet 362 to the remote terminal 105 to pollthe user for identification and authentication information such as for auser ID and a password. The authentication security applet 362 willgenerate and forward a response back to the global server 115, whichwill use the information to verify the identity of the user and provideaccess accordingly.

It will be appreciated that a “request-servicing engine” may be theconfiguration engine 389 and the applet host engine 395 when providingservices to a remote terminal 105 or client 165. The request-servicingengine may be the web page engine 398 when performing workspace data 163retrieval operations directly from the global server 115. Therequest-servicing engine may be the configuration engine 389 and theapplet host engine 395 when performing workspace data 180 retrievaloperations from the client 165 or from any other site connected, to theglobal server 115. The request-servicing engine may be security engine392 when performing security services such as user identification andauthentication. The request-servicing engine may be the synchronizationagent when the performing synchronization with the client 165. Further,the request-servicing engine may be any combination of these components.

FIG. 4 is a block diagram illustrating details of the synchronizationagent 145, which includes a communications module 405 and a generalsynchronization module 410. The communications module 405 includesroutines for compressing data and routines for communicating via thecommunications channel 120 with the base system 170. The communicationsmodule 405 may further include routines for communicating securelychannel through the global firewall 130 and through the LAN firewall125.

The general synchronization module 410 includes routines for determiningwhether workspace elements have been synchronized and routines forforwarding to the base system 170 version information (not shown) ofelements determined to be modified after last synchronization. Thegeneral synchronization module 410 may either maintain its own lastsynchronization signature (not shown), receive a copy of the lastsynchronization signature with the request to synchronize from the basesystem 170, or any other means for insuring that the workspace data hasbeen synchronized. The general synchronization module 410 furtherincludes routines for receiving preferred versions of workspace data 180workspace elements from the base system 170, and routines for forwardingpreferred versions of workspace data 180 workspace elements to the basesystem 170.

FIG. 5 illustrates an example bookmark workspace element in the globalformat. The translator 150 incorporates all the information needed totranslate between all incorporated formats. For example, if for a firstclient a bookmark in format A needs elements X, Y and Z and for a secondclient a bookmark in format B needs elements W, X and Y, the globaltranslator 150 incorporates elements W, X, Y and Z to generate abookmark in the global format. Further, the translator 150 incorporatesthe information which is needed by the synchronization means (asdescribed below in FIG. 4) such as the last modified date. Accordingly,a bookmark in the Global Format may include a user identification (ID)505, an entry ID 510, a parent ID 515, a folder ID flag 520, a name 525,a description 530, the Uniform Resource Locator (URL) 535, the position540, a deleted ID flag 545, a last modified date 550, a created date 555and a separation ID flag 560.

FIG. 6 is a block diagram illustrating details of the configuration anduser data 356. Configuration data 356 includes settings 605 such as TCPdata and the DNS address, web browser settings such as home pageaddress, bookmarks and caching data, applet engine settings, and appletconfiguration data such as the user's e-mail address, name and signatureblock. It will be appreciated that applet-specific configuration anduser data 356 is needed, since the service may not be located on theuser's own local client 165. Configuration and user data 356 furtherincludes predetermined user preferences 610 such as font, window size,text size, etc.

Configuration data 356 further includes the set of services 615, whichwill be provided to the user. Services 615 include a list of registeredusers and each user's list of user-preferred available services 615.Services may also include a list of authentication levels needed toaccess the services 615. Configuration and user data 137 furtherincludes service addresses 620 specifying the location of each of theservices 615 accessible via the global server 115.

FIG. 7 is a block diagram illustrating details of the client 165, whichincludes a CPU 705, an input device 710, an output device 725, acommunications interface 710, a data storage device 720 and RAM 730,each coupled to a signal bus 740.

An operating system 735 includes a program for controlling processing bythe CPU 705, and is typically stored in the data storage device 720 andloaded into the RAM 730 (as illustrated) for execution. A service engine175 includes a service program for managing workspace data 180 thatincludes version information (not shown). The service engine 175 maybealso stored in the data storage device 720 and loaded into the RAM 730(as illustrated) for execution. The workspace data 180 may be stored inthe data storage device 330. As stated above with reference to FIG. 1,the base system 170 operates to synchronize the workspace data 180 onthe client 165 with the workspace data 163 on the global server 115. Thebase system 170 may be also stored in the data storage device 720 andloaded into the RAM 730 (as shown) for execution. The base system 170 isdescribed in greater detail with reference to FIG. 8.

FIG. 8 is a block diagram illustrating details of the base system 170,which includes a communications module 805, a user interface module 810,locator modules 815, a synchronization-start (“synch-start”) module 820,a general synchronization module 825 and a content-based synchronizationmodule 830. For simplicity, each module is illustrated as communicatingwith one another via a signal bus 840. It will be appreciated that thebase system 170 includes the same components as included in thesynchronization agent 145.

The communications module 805 includes routines for compressing data,and routines for communicating via the communications interface 710(FIG. 7) with the synchronization agent 145 (FIG. 1). The communicationsmodule 805 may include routines for applying Secure Socket Layer (SSL)technology and user identification and authentication techniques (i.e.,digital certificates) to establish a secure communication channelthrough the LAN firewall 135 and through the global firewall 130.Because synchronization is initiated from within the LAN firewall 135and uses commonly enabled protocols such as HyperText Transfer Protocol(HTTP), the typical firewall 135 which prevents in-bound communicationsin general and some outbound protocols does not act as an impediment toe-mail synchronization. Examples of communications modules 805 mayinclude TCP/IP stacks or the AppleTalk™ protocol.

The user interface 810 includes routines for communicating with a user,and may include a conventional Graphical User Interface (GUI). The userinterface 810 operates in coordination with the client 165 components asdescribed herein.

The locator modules 815 include routines for identifying the memorylocations of the workspace elements in the workspace data 180 and thememory locations of the workspace elements in the workspace data 163.Workspace element memory location identification may be implementedusing intelligent software, i.e., preset memory addresses or thesystem's registry, or using dialogue boxes to query a user. It will beappreciated that the locator modules 815 may perform workspace elementmemory location identification upon system boot-up or after eachcommunication with the global server 115 to maintain updated memorylocations of workspace elements.

The synchronization-start module 820 includes routines for determiningwhen to initiate synchronization of workspace data 163 and workspacedata 180. For example, the synchronization-start module 820 may initiatedata synchronization upon user request, at a particular time of day,after a predetermined time period passes, after a predetermined numberof changes, after a user action such as user log-off or upon likecriteria. The synchronization-start module 820 initiates datasynchronization by instructing the general synchronization module 825 tobegin execution of its routines. It will be appreciated thatcommunications with synchronization agent 145 preferably initiate fromwithin the LAN 125, because the typical LAN firewall 125 preventsin-bound communications and allows out-bound communications.

The general synchronization module 825 includes routines for requestingversion information from the synchronization agent 145 (FIG. 1) androutines for comparing the version information against a lastsynchronization signature 835 such as a last synchronization date andtime to determine which versions have been modified. The generalsynchronization module 825 further includes routines for comparing thelocal and remote versions to determine if only one or both versions of aparticular workspace element have been modified and routines forperforming an appropriate synchronizing responsive action. Appropriatesynchronizing responsive actions may include forwarding the modifiedversion (as the preferred version) of a workspace element in workspacedata 180 or forwarding just a compilation of the changes to the otherstore(s). Other appropriate synchronizing responsive actions mayinclude, if reconciliation between two modified versions is needed, theninstructing the content-based synchronization module 830 to execute itsroutines (described below).

It will be appreciated that the synchronization agent 145 preferablyexamines the local version information 124 and forwards only theelements that have been modified since the last synchronizationsignature 835. This technique makes efficient use of processor power andavoids transferring unnecessary data across the communications channel712. The general synchronization module 825 in the LAN 135 accordinglycompares the data elements to determine if reconciliation is needed.Upon completion of the data synchronization, the general synchronizationmodule 825 updates the last synchronization signature 835.

The content-based synchronization module 830 includes routines forreconciling two or more modified versions of workspace data 163, 180 inthe same workspace element. For example, if the original and the copy ofa user workspace element have both been modified independently since thelast synchronization, the content-based synchronization module 830determines the appropriate responsive action. The content-basedsynchronization module 830 may request a user to select the preferredone of the modified versions or, may respond based on presetpreferences, i.e., by storing both versions in both stores or byintegrating the changes into a single preferred version which replaceseach modified version at both stores. When both versions are stored atboth stores, each version may include a link to the other version sothat the user may be advised to select the preferred version.

It will be appreciated that any client 165 that wants synchronizationmay have a base system 170. Alternatively, one base system 170 canmanage multiple clients 165. It will be further appreciated that for athin client 165 of limited computing power such as a smart telephone,all synchronization may be performed by the global server 115.Accordingly, components of the base system 170 such as the userinterface module 810, the locator modules 815, the generalsynchronization module 825 and the content-based synchronization module830 may be located on the global server 115. To initiate synchronizationfrom the client 165, the client 165 includes the communications module805 and the synch-start module 820.

FIG. 9 illustrates an example list 900 of accessible services providedby a URL addressable HyperText Markup Language (HTML)-based web page, asmaintained by the web page engine 398 of the global server 115. The list900 includes a title 910 “Remote User's Home Page,” a listing of theprovided services 615 and a pointer 970 for selecting one of theprovided services 615. As illustrated, the provided services may includean e-mail service 920, a calendaring service 930, an internet accessservice 940, a paging service 950, a fax sending service 960, a userauthentication service 963 and a workspace data retrieval service 967.Although not shown, other services 615 such as bookmarking, QuickCard™,etc. may be included in the list 900. Although the web page provides theservices 615 in a list 900, other data structures such as a pie chart ortable may alternatively be used.

FIG. 10 is a flowchart illustrating a method 1000 for enabling a user toaccess the services 615 in the computer network system 100. Method 1000begins by the remote terminal 105 in step 1005 creating a communicationslink with the global server 115. The global server 115 in step 1010confirms that the user has privileges to access the functionality of theglobal server 115. Confirming user access privileges may includeexamining a user certificate, obtaining a secret password, using digitalsignature technology, performing a challenge/response technique, etc. Itwill be appreciated that the security engine 392 may cause the applethost engine 395 to forward via the communications channel 345 to theremote terminal 105 an authentication security applet 362 which whenexecuted communicates with the global server 115 to authenticate theuser.

After user access privileges are confirmed, the web page engine 398 ofthe global server 115 in step 1015 transmits web page data 368 andconfiguration and user data 356 to the remote terminal 105. The webengine 140 of the remote terminal 105 in step 1020 uses the web pagedata 368 and the configuration and user data 356 to display a web pageservice list 900 (FIG. 9) on the output device 230, and to enable accessto the services 615 which the global server 115 offers. An exampleservice list 900 is shown and described with reference to FIG. 9.Configuration of the remote terminal 105 and of the web page 700 isdescribed in detail in the cross-referenced patent applications.

From the options listed on the web page 900, the user in step 1025selects a service 615 via input device 220. In response, therequest-servicing engine (described with reference to FIG. 3) providesthe selected service 615. For example, the applet host engine 395 of theglobal server 115 in step 1030 may download to the remote terminal 105 acorresponding applet 359 and configuration and user data 356 forexecuting the requested service 615. Alternatively, the web page engine398 may use, for example, HTTP and HTML to provide the selected service615. As described above with reference to FIG. 6, the configuration anduser data 356 may include user-specific preferences such asuser-preferred fonts for configuring the selected service 615.Configuration and user data 356 may also include user-specific andservice-specific information such as stored bookmarks, calendar data,pager numbers, etc. Alternatively, the corresponding applet 359 and theconfiguration and user data 356 could have been downloaded instep 1015.Providing access to the service by an applet 359 is described in greaterdetail below with reference to FIGS. 12-14.

The applet engine 290 of the remote terminal 105 in step 1035 initiatesexecution of the corresponding downloaded applet. The global server 115in step 1040 initiates the selected service 615 and in step 1045 selectsone of three modes described with reference to FIGS. 12-14 for accessingthe service 615. For example, if the user selects a service 615 on aservice server (e.g., the client 165) that is not protected by aseparate firewall, then the global server 115 may provide the user withdirect access. If the user selects a service 615 provided by a serviceserver within the LAN 125, then the global server 115 may access theservice 615 as a proxy for the user. It will be appreciated that eachfirewall 130 and 135 may store policies establishing the proper mode ofaccess the global server 115 should select. Other factors for selectingmode of access may include user preference, availability andfeasibility. The global server 115 in step 1050 uses the selected modeto provide the remote terminal 105 user with access to the selectedservice 615.

FIG. 11 is a flowchart illustrating details of step 1005, which beginsby the remote terminal 105 in step 1105 using a known Uniform ResourceLocator (URL) to call the global server 115. The global server 115 andthe remote terminal 105 in step 1107 create a secure communicationschannel therebetween, possibly by applying Secure Sockets Layer (SSL)technology. That is, the security engine 392 of the global server 115 instep 1110 determines if in-bound secure communications are permittedand, if so, creates a communications channel with the remote terminal105. The web engine 140 of the remote terminal 105 and the securityengine 392 of the global server 115 in step 11 15 negotiate securecommunications channel parameters, possibly using public keycertificates. An example secure communications channel is RSA with RC4encryption. Step 1115 thus may include selecting an encryption protocolwhich is known by both the global server 115 and the remote terminal105. The encryption engine 283 of the remote terminal 105 and securecommunications engine 392 of the global server 115 in step 1120 use thesecure channel parameters to create the secure communications channel.Method 505 then ends.

FIG. 12 is a flowchart illustrating details of step 1050 in a firstembodiment, referred to as step 1050 a, wherein the global server 115provides the remote terminal 105 with a direct connection to a service615. Step 1050 a begins by the applet engine 290 in step 1205 running aconfiguration applet 359 for the selected service 615 that retrieves theservice address 620 from data storage device 380 and the authenticationinformation from the keysafe 365. The communications interface 340 instep 1210 creates a direct and secure connection with the communicationsinterface 340 of the global server 115 at the retrieved service address620, and uses the authentication information to authenticate itself. Theapplet in step 1215 acts as the I/O interface with the service 615. Step1050 a then ends.

FIG. 13 is a flowchart illustrating details of step 1050 in a secondembodiment, referred to as step 1050 b, wherein the global server 115acts for the remote terminal 105 as a proxy to the service 615. Step1050 b begins with a configuration applet 359 in step 1305 requestingthe service address 620 for the selected service 615, which results inretrieving the service address 620 directing the applet 359 to theglobal server 115. The applet 359 in step 1310 creates a connection withcommunications interface 340 of the global server 115. The global server115 in step 1315 retrieves the service address 620 of the selectedservice 615 and the authentication information for the selected service615 from the keysafe 365. The communications interface 340 of the globalserver 115 in step 1320 negotiates secure channel parameters forcreating a secure channel with the service server 1014. Thecommunications interface 340 in step 1320 also authenticates itself asthe user.

Thereafter, the applet 359 in step 1325 acts as the I/O interface withthe communications interface 340 of the global server 115. If the globalserver 115 in step 1330 determines that it is unauthorized to perform aremote terminal 105 user's request, then the global server 115 in step1345 determines whether the method 1050 b ends, e.g., whether the userhas quit. If so, then method 1050 b ends. Otherwise, method 1050 breturns to step 1325 to obtain another request. If the global server 115in step 1330 determines that it is authorized to perform the remoteterminal 105 user's request, then the global server 115 in step 1340acts as the proxy for the remote terminal 105 to the service 615. Asproxy, the global server 115 forwards the service request to theselected service 615 and forwards responses to the requesting applet 359currently executing on the remote terminal 105. Method 1050 b then jumpsto step 1345.

FIG. 14 is a flowchart illustrating details of step 1050 in a thirdembodiment, referred to as step 1050 c, wherein the service 615 beingrequested is located on the global server 115. Step 1050 begins with anapplet in step 1405 retrieving the service address 620 for the selectedservice 615, which results in providing the configuration applet 359with the service address 620 of the service 615 on the global server115. Thus, the applet in step 1410 creates a secure connection with theglobal server 115. No additional step of identification andauthentication is needed since the remote terminal 105 has alreadyidentified and authenticated itself to the global server 115 asdescribed with reference to step 1010 of FIG. 10.

In step 1415, a determination is made whether the service 615 iscurrently running. If so, then in step 1425 a determination is madewhether the service 615 can handle multiple users. If so, then theglobal server 115 in step 1430 creates an instance for the user, and theapplet in step 1440 acts as the I/O interface with the service 615 onthe global server 115. Method 1050 c then ends. Otherwise, if theservice 615 in, step 1425 determines that it cannot handle multipleusers, then method 1050 c proceeds to step 1440. Further, if in step1415 the global server 115 determines that the service 615 is notcurrently running, then the global server 115 in step 1420 initializesthe service 615 and proceeds to step 1425.

FIG. 15 is a flowchart illustrating a method 1500 for using a globaltranslator 150 to synchronize workspace data 163 and workspace data 180in a secure network 100. Method 1500 begins with the user interface 900in step 1505 enabling a user to select workspace elements of workspacedata 163 and workspace data 180 for the synchronization means tosynchronize. The locator modules 815 in step 1510 identify the memorylocations of the workspace elements in workspace data 163 and workspacedata 180. If a selected workspace element does not have a correspondingmemory location, such as in the case of adding new workspace elements tothe global server 115, then one is selected. The selected memorylocation may be a preexisting workspace element or a new workspaceelement. As stated above, workspace element memory locationidentification may be implemented using intelligent software or dialogueboxes. The general synchronization module 825 in step 1515 sets theprevious status of the workspace elements equal to the null set, whichindicates that all information of the workspace element has been added.

The synchronization-start module 820 in step 1520 determines whetherpredetermined criteria have been met which indicate that synchronizationof the workspace elements selected in step 1505 should start. If not,then the synchronization-start module 820 in step 1525 waits and loopsback to step 1520. Otherwise, the communications module 805 and thecommunications module 405 in step 1530 establish a secure communicationschannel therebetween.

The general synchronization module 825 in step 1535 determines whetherany workspace elements have been modified. That is, the generalsynchronization module 825 in step 1535 examines the version informationof each selected workspace element in the workspace data 180 against thelast synchronization signature 435 to locate modified workspaceelements. This comparison may include comparing the date of lastmodification with the date of last synchronization, or may include acomparison between the current status and the previous status as of thelast interaction. Similarly, the general synchronization module 815examines the version information of each corresponding workspace elementin workspace data 163 and the last synchronization signature 435 tolocate modified workspace elements.

If in step 1535 no modified workspace elements or folders are located,then the general synchronization module 825 in step 1560 updates thelast synchronization signature 435 and method 1500 ends. Otherwise, thegeneral synchronization module 825 in step 1540 determines whether morethan one version of a workspace element has been modified since the lastsynchronization.

If only one version has been modified, then the corresponding generalsynchronization module 825 in step 1545 determines the changes made. Asstated above, determining the changes made may be implemented bycomparing the current status of the workspace element against theprevious status of the workspace element as of the last interactiontherebetween. If the changes were made only to the version in theworkspace data 163, then the global translator 150 in step 1550translates the changes to the format used by the other store, and thegeneral synchronization module 410 in step 1555 forwards the translatedchanges to the general synchronization module 825 for updating theoutdated workspace element in the workspace data 180. If the updatedversion is a workspace element in the workspace data 180, then thegeneral synchronization module 825 sends the changes to the updatedversion to the global translator 150 for translation and then to thegeneral synchronization module 410 for updating the outdated workspaceelement in the workspace data 163. The general synchronization module825 and the general synchronization module 410 in step 1557 update theprevious state of the workspace element to reflect the current state asof this interaction. Method 1500 then returns to step 1535.

If the general synchronization module 825 in step 1540 determines thatmultiple versions have been modified, then the general synchronizationmodule 825 in step 1565 computes the changes to each version and in step1570 instructs the content-based synchronization module 830 to examinecontent to determine if any conflicts exist. For example, thecontent-based synchronization module 830 may determine that a conflictexists if a user deletes a paragraph in one version and modified thesame paragraph in another version. The content-based synchronizationmodule 830 may determine that a conflict does not exist if a userdeletes different paragraphs in each version. If no conflict is found,then method 1500 jumps to step 1550 for translating and forwarding thechanges in each version to the other store. However, if a conflict isfound, then the content-based synchronization module 830 in step 1575reconciles the modified versions. As stated above, reconciliation mayinclude requesting instructions from the user or based on previouslyselected preferences performing responsive actions such as storing bothversions at both stores. It will be appreciated that a link between twoversions may be placed in each of the two versions, so that the userwill recognize to examine both versions to select the preferred version.Method 1500 then proceeds to step 1550.

It will be further appreciated that in step 1510 new workspace elementsand preexisting workspace elements to which new workspace elements willbe merged are set to “modified” and the previous status is set to thenull set. Thus, the general synchronization module 825 in step 1540 willdetermine that more that one version has been modified and thecontent-based synchronization module 830 in step 1570 will determinethat no conflict exists. The changes in each will be translated andforwarded to the other store. Accordingly, the two versions will beeffectively merged and stored at each store.

For example, if a first bookmark folder was created by the web engine140 on the client 165, a second folder was created by a web engine 140on the remote terminal 105, no preexisting folder existed on the globalserver 115 and the user selected each of these folders forsynchronization, then the synchronization means will effectively mergethe first and second folders. That is, the general synchronizationmodule 825 on the client 165 will determine that the first folder hasbeen modified and the previous status is equal to the null set. Thegeneral synchronization module 825 will determine and send the changes,i.e., all the workspace elements in the first folder, to a new globalfolder on the global server 115. Similarly, the general synchronizationmodule (not shown) on the remote terminal 105 will determine that, as ofits last interaction, the previous status of each of the second and theglobal folders is the null set. The general synchronization module 825will instruct the content-based synchronization module 830 to examinethe changes made to each folder to determine whether a conflict exists.Since no conflicts will exist, the general synchronization module 825will forward the changes to the global folder and the generalsynchronization module 410 will forward its changes to the second store,thereby merging the workspace elements of the first and second foldersin the global and second folders. The general synchronization module 410will inform the general synchronization module 825 that the globalfolder has been modified relative to the last interaction, and willforward the new changes to the first folder. Thus, the first and secondfolders will be merged and stored at each store.

The foregoing description of the preferred embodiments of the inventionis by way of example only, and other variations of the above-describedembodiments and methods are provided by the present invention. Forexample, a server can be any computer which is polled by a client. Thus,the remote terminal 105 may be referred to as a type of client. Althoughthe system and method have been described with reference to applets,other downloadable executables such as Java™ applets, Java™ applicationsor ActiveX™ control developed by the Microsoft Corporation canalternatively be used. Components of this invention may be implementedusing a programmed general-purpose digital computer, using applicationspecific integrated circuits, or using a network of interconnectedconventional components and circuits. The embodiments described hereinhave been presented for purposes of illustration and are not intended tobe exhaustive or limiting. Many variations and modifications arepossible in light of the foregoing teaching. The invention is limitedonly by the following claims.

1. An e-mail system for providing synchronized communication ofindependently modifiable e-mails over an Internet between a local areanetwork (LAN) server secured by a LAN firewall with at least onenormally open LAN firewall port, and each of a plurality of smart-phonedevices, said system comprising: a global server secured by a globalserver firewall having a global server firewall port therein; a firstInternet communication channel coupling said LAN server to said globalserver through said open LAN firewall port and said global serverfirewall port over the Internet; a plurality of second Internetcommunication channels, each coupling said global server to a respectiveone of said smart-phone devices over the Internet; at least onetranslator for translating e-mail data of different formats such thate-mails transmitted to said global server and said smart-phone devicesare of a format or formats which are acceptable thereto; at least onestorage device for storing version information indicating differencesbetween independently modifiable e-mails; a general synchronizationmodule responsive to a synchronization start command to synchronizedifferent independently modifiable e-mails; and a synchronization-startmodule coupled to said general synchronization module, saidsynchronization-start module being responsive to an existence ofpredetermined criteria to produce and send a synchronization startcommand to said general synchronization module.
 2. A system according toclaim 1 wherein the normally open port is an HTTP port.
 3. A system,according to claim 1, wherein the normally open port is an HTTP (SSL)port.
 4. A system, according to claim 1, wherein said storage device islocated at the LAN server.
 5. A system, according to claim 1, whereinsaid LAN includes a client device and wherein said storage device islocated at said client device.
 6. A system, according to claim 1,wherein said storage device is located at said global server.
 7. Asystem, according to claim 1, wherein said storage device is located atone or more of said plurality of said smart-phone devices.
 8. A system,according to claim 1, wherein said translator is located at said LANserver.
 9. A system, according to claim 1, wherein said LAN includes aclient device and wherein said translator is located at said clientdevice.
 10. A system, according to claim 1, wherein said translator islocated at said global server.
 11. A system, according to claim 1,wherein said translator is located at one or more of said plurality ofsaid smart-phone devices.
 12. A system, according to claim 1, whereinsaid general synchronization module is located at said LAN server.
 13. Asystem, according to claim, wherein said LAN includes a client deviceand wherein said general synchronization module is located at saidclient device.
 14. A system, according to claim 1, wherein said generalsynchronization module is located at said global server.
 15. A system,according to claim 1, wherein said general synchronization module islocated at one or more of said plurality of said smart-phone devices.16. A system, according to claim 1, wherein said synchronization-startmodule is located at said LAN server.
 17. A system, according to claim1, wherein said LAN includes a client device and wherein saidsynchronization-start module is located at said client device.
 18. Asystem, according to claim 1, wherein said synchronization-start moduleis located at one or more of said plurality of said smart-phone devices.